HexStrike AI: MCP server exposing 150+ cybersecurity tools to AI agents
HexStrike AI is an open-source MCP server that enables AI agents (Claude, GPT, Copilot, and others) to autonomously invoke over 150 offensive security tools for penetration testing, vulnerability discovery, and bug bounty automation. The project bridges LLMs with real-world offensive security capabilities via the Model Context Protocol. With 9,221 GitHub stars, it represents a notable community signal around agentic security tooling and the expanding attack surface of AI-driven automation.
Related guides (3)
Related events (8)
Anthropic-Cybersecurity-Skills: 754 Structured Cybersecurity Skills for AI Agents
A GitHub repository providing 754 structured cybersecurity skills designed for AI coding agents, mapped to five major frameworks including MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND, and NIST AI RMF. The skills are organized across 26 security domains and conform to the agentskills.io standard. The project claims compatibility with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI, and 20+ other platforms. It has accumulated 7,330 stars with 238 added today, indicating notable community traction.
Deep Eye: Multi-Provider AI-Orchestrated Vulnerability Scanner
Deep Eye is an open-source Python tool that orchestrates multiple AI providers (OpenAI, Claude, Grok, Gemini, Ollama, Groq, Mistral, and others) to generate attack payloads and scan targets for 45+ vulnerability types. It produces professional security reports with compliance mapping. The project has accumulated 1,572 GitHub stars with 42 added today, indicating growing community interest in AI-augmented offensive security tooling.
PentestAgent: AI Agent Framework for Black-Box Security Testing
PentestAgent is an open-source Python framework that applies AI agent techniques to penetration testing, bug bounty, and red-team workflows. The project has accumulated 2,497 GitHub stars with modest daily traction (+30). It represents a practical deployment of autonomous agent architectures in offensive security contexts.
Anthropic Launches Claude Code Security: AI-Powered Vulnerability Detection for Defenders
Anthropic has released Claude Code Security in limited research preview for Enterprise and Team customers, a capability built into Claude Code that scans codebases for security vulnerabilities and suggests patches for human review. Unlike rule-based static analysis tools, it uses Claude's reasoning to understand code context, trace data flows, and detect complex vulnerabilities including novel ones. Built on Claude Opus 4.6, the system found over 500 previously undetected vulnerabilities in production open-source codebases during internal research. The release is framed as a defensive measure to put AI-enabled vulnerability discovery in the hands of defenders before attackers can exploit the same capabilities.
Chrome DevTools MCP Server for Coding Agents
The chrome-devtools-mcp repository exposes Chrome DevTools functionality as a Model Context Protocol (MCP) server, enabling coding agents to interact with browser debugging tools programmatically. The project has accumulated over 40,000 stars on GitHub, with 132 added today, indicating strong community traction. This tooling bridges browser developer tooling with AI agent workflows, allowing agents to inspect, debug, and interact with web pages.
Anthropic Open-Sources the Model Context Protocol (MCP)
Anthropic has released the Model Context Protocol (MCP), an open standard enabling secure, two-way connections between AI assistants and external data sources such as business tools, content repositories, and development environments. The protocol introduces a client-server architecture with SDKs, local MCP server support in Claude Desktop, and a repository of pre-built connectors for systems like GitHub, Slack, Google Drive, and Postgres. Early adopters include Block and Apollo, with development tool companies Zed, Replit, Codeium, and Sourcegraph integrating MCP into their platforms. The goal is to replace fragmented, per-source integrations with a single universal protocol, improving context availability for AI agents.
Tiny Agents: an MCP-powered agent in 50 lines of code
Hugging Face published a blog post demonstrating how to build a minimal AI agent using the Model Context Protocol (MCP) in approximately 50 lines of code. The post showcases how MCP enables agents to discover and invoke tools dynamically, reducing the boilerplate required for agentic workflows. This serves as both a tutorial and a commentary on MCP's role in simplifying agent-tool integration in the current ecosystem.
Anthropic Frontier Red Team reports early-warning signs of rapid AI progress in cybersecurity and biosecurity capabilities
Anthropic's Frontier Red Team published findings from a year of safety evaluations across four model releases, documenting rapid capability gains in dual-use domains. In cybersecurity, Claude 3.7 Sonnet now solves roughly a third of Cybench CTF challenges (up from ~5% a year ago), and with the Incalmo toolset was able to replicate a large-scale network attack in realistic cyber range environments. In biosecurity, Claude has moved from underperforming virology experts to exceeding them on the VCT benchmark within one year, and exceeds human expert baselines on cloning workflows. Anthropic assesses current models as showing 'early warning' signs but not yet crossing thresholds of substantially elevated national security risk.